Search for packages
| purl | pkg:maven/org.picketlink/picketlink-federation@2.7.1.Final |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-jds7-wgvc-k7hy | Wrong security context loaded when using SAML2 STS Login Module The `org.jboss.security.plugins.mapping.JBossMappingManager` implementation in this package uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain. |
CVE-2014-7827
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T20:32:14.981506+00:00 | GitLab Importer | Fixing | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.4.0 |
| 2026-04-11T21:42:38.153716+00:00 | GitLab Importer | Fixing | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.3.0 |
| 2026-04-02T21:56:46.581373+00:00 | GitLab Importer | Fixing | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.1.0 |
| 2026-04-01T16:13:57.469047+00:00 | GitLab Importer | Fixing | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.0.0 |